W hit e Pape r
No Space in Embedded Devices
Many embedded devices are tiny and use every last bit of available space. However, most embedded
systems include flash memory storage for applications and other data. If this original flash memory card
is replaced with a CmDongle with integrated flash memory, the same form factor and same number
of interfaces now comes with maximum security. The smallest version of CmDongle with flash memory
comes as a microSD card. At only 11 mm × 15 mm × 0.7 mm in size, it fits even in the tiniest devices – a
great opportunity for making the controllers, sensors, and engines of the Industrie 4.0 world more secure.
Retrofitting Security
Industry and legislators are responding to the increasing threat of cyber crime with new regulations or
changes to old rulebooks. One recent example is the new act on IT security. Technical protection measures
are already required by law for medical devices. New devices have begun to include security by design,
but many old devices are still in use until they are eventually replaced by newer machines. These can
now benefit from the ability to retrofit security technology in an easy and streamlined manner. Security
measures can be added whenever normal smart card connections are available. The existing hardware
remains untouched, and only the software needs to be adjusted for the new security functions. Little
effort is needed to bring old technology up to the newest standards of security.
Four Partitions and an Infinity of New Applications
CmPublic
All CmDongles with flash memory storage come installed
with a public partition at maximum size. In the original
state, the host can access this partition with full read/
write rights like any disk. Adjusting the settings allows
the OEM to activate a CmSecure Disk on CmCards and
USB CmStick/M. The USB CmStick/M also offers the CDROM partition CmCdRom and the secure private partition
CmPrivate.
CmCdRom
CmPublic
Disk vs. USB HID
The USB CmStick/M can be set for so-called HID-only
CmPrivate
mode. HID is an acronym for “Human Interface Device”
and normally refers to devices like mice or keyboards.
The selection determines how CodeMeter hardware and
the host system interact with each other. In HID mode,
all CodeMeter security functions are available and a
CmSecure
CmSecure disk can be created, but the other partitions
are not available. The advantage of HID mode is that
the host system does not treat CmStick as a USB memory
stick, but as an input device. No malware or vir